Show more
Daniel boosted
Daniel boosted

It's election week! 🥳

The natural party of chaos has broken and plundered everything, partied while the bodies piled high, and tried to blame the most vulnerable for the 💩 they've discharged.

It's time to #StopTheTories
stopthetories.vote/

So @mary was feeling a bit off last weekend I checked her blood pressure. It was dangerously high (175/110) compared to usual (119/70). After checking her the next day with no improvement, I took her to the ER. When she was admitted it was 193/120. They looked for problems(none), gave her some meds, and she is now back to normal a week later. Our sitter had something similar happen, and also Heidi's therapist. All in the last 3 weeks with no other symptoms. Anyone else seeing anything like this?

I don't know how my brain is able to read Boustrophedon writing, but it is interesting.

Ugh, it’s been one of those days where you put in 10 hours of work and at the end found out it was all for nothing.

Daniel boosted

There was a farmer who grew excellent quality corn. Every year, he won the award for the best-grown corn. One year, a newspaper reporter interviewed him and discovered the farmer shared his seed corn with his neighbors. “How can you afford to share your best seed corn with your neighbors when they are entering corn in competition with yours each year?” the reporter asked.
“Why sir,” said the farmer, “Didn’t you know? The wind picks up pollen from the ripening corn and swirls it from field to field. If my neighbors grow inferior corn, cross-pollination will steadily degrade the quality of my corn. If I am to grow good corn, I must help my neighbors grow good corn.”
So is with our lives... Those who want to live meaningfully and well must help enrich the lives of others, for the value of a life is measured by the lives it touches. And those who choose to be happy must help others find happiness, for the welfare of each is bound up with the welfare of all.

My dad had a good day fishing yesterday, by buddy caught none!😂

Cross Purpose is a great program and our church has been supporting them with volunteers and money for years. If even a fraction of the money wasted on government programs was funneled into them, the world would be a much better place.

Daniel boosted

Made a dumb website so I wouldn't ever have to Google "tm symbol" again.

symbol.wtf

One of my best friends proposed to his girlfriend this weekend and she said, "Yes!". Wishing them many years of happiness together!

A couple of weeks of solitude in nature, working on some projects, would be nice. Why does that seem so impossible?

Update: Our sitter was thankfully not having a heart attack, but other than a potassium deficiency, they’re not sure what’s going on. We’re glad she went in anyways. They say that death is the first symptom for around 1/3rd of people with heart problems. They can’t really ask those folks, but I suspect that a lot of them just brush off pain hoping it will go away.

It was the supposed to be date night, but the sitter (22) told us that she couldn’t make it because she was going to the hospital because she thought she might be having a heart attack! Please keep her in your prayers. I took the family out to dinner and then the car broke down afterwards…It was actually a beautiful afternoon for car trouble. Glad I was there and that we have hospitals, tow trucks, and Ubers.🙂

Ok I jumped up, hit the lights, and found a stick…this is what was in the freaking bed…

The wife wasn’t feeling good so I went down to the basement to sleep in the spare room. I turned the light off and laid down. Just as I put my head on the pillow, I feel it move and in the darkness I hear the signature rattle…there’s a freaking rattlesnake in my bed, near my head! I’m just gonna lay here for a while and doomscroll. Maybe it will leave. I think it crawled away. OMG why don’t I keep the house cleaner. This is where we fold our laundry and it’s just in a big pile next to me…

Daniel boosted

I think a LOT of people are missing the fact that we got LUCKY with this malicious backdoor.

The backdoor was created by an Insider Threat - by a developer / maintainer of various linux packages. The backdoor was apparently pushed back on March 8th (I believe) and MADE IT PAST all QA checks.

Let me state that again. Any quality assurance, security checks, etc., failed to catch this.

This was so far upstream, it had already gotten into the major Linux distributions. It made it into Debian pre-release, Fedora rolling, OpenSUSE rolling, Kali rolling, etc.

This is an example of Supply Chain Security that CISOs love to talk and freak out about. This is an example of an Insider Threat that is the boogey man of corporate infosec.

A couple more weeks, and it would have been in many major distributions without any of us knowing about it.

The ONLY reason we know about it is because @AndresFreundTec got curious about login issues and some benchmarking checks that had nothing to do with security and ran the issue down and stumbled upon a nasty mess that was trying to remain hidden.

It was luck.

That's it. We got lucky this time.

So this begs the question. Did the malicious insider backdoor anything else? Are they working with anyone else who might have access to other upstream packages? If the QA checks failed to find this specific backdoor by this specific malicious actor, what other intentional backdoors have they missed?

And before anyone goes and blames Linux (as a platform or as a concept), if this had happened (if it HAS happened!!!) in Windows, Apple, iOS, etc.... we would not (or will not) know about it. It was only because all these systems are open source that Andres was able to go back and look through the code himself.

Massive props and kudos and all the thank yours to Andres, those who helped him, to all the Linux teams jumping on this to fix it, and to all the folks on high alert just before this Easter weekend.

I imagine (hope) that once this gets cleaned up, there will be many fruitful discussions around why this passed all checks and what can be changed to prevent it from happening again.

(I also hope they run down any and all packages this person had the signing key for....)

#infosec #hacking #cve #cve20243094 #linux #FOSS

Daniel boosted
Show more
Camp Duffel

We Do Camps!